CVE-2023-26204
3.7LOWA plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4
Veröffentlicht: 6/13/2023Aktualisiert: 11/21/2024
Beschreibung
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
KI-AnalyseKI-gestützt
Betroffene Produkte
fortinetfortisiem
fortinetfortisiem
fortinetfortisiem
fortinetfortisiem
fortinetfortisiem
5.4.0
fortinetfortisiem
6.1.0
fortinetfortisiem
6.1.1
fortinetfortisiem
6.1.2
fortinetfortisiem
6.2.0
fortinetfortisiem
6.2.1
fortinetfortisiem
6.4.0
fortinetfortisiem
6.4.1
fortinetfortisiem
6.4.2
fortinetfortisiem
6.5.0
fortinetfortisiem
6.5.1
Referenzen
- https://fortiguard.com/psirt/FG-IR-21-141Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-21-141Vendor Advisory